Add responseless dns requests to dns_data table.

[noman-xg]

This pull request is related to #418 which relates to including those DNS requests into the dns_data table for which a matching response was not found.

Testing Done

• Verified that tests in stitcher_test.cc are passed.

---

noman@px-dev-docker:/pl/src/px.dev/pixie$ bazel test src/stirling/source_connectors/socket_tracer/protocols/dns/...
INFO: Analyzed 7 targets (0 packages loaded, 0 targets configured).
INFO: Found 4 targets and 3 test targets...
INFO: Elapsed time: 3.078s, Critical Path: 2.69s
INFO: 11 processes: 1 internal, 10 processwrapper-sandbox.
INFO: Build completed successfully, 11 total actions
//src/stirling/source_connectors/socket_tracer/protocols/dns:parse_test  PASSED in 0.0s
//src/stirling/source_connectors/socket_tracer/protocols/dns:stitcher_test PASSED in 0.0s
//src/stirling/source_connectors/socket_tracer/protocols/dns:types_test  PASSED in 0.0s

INFO: Build completed successfully, 11 total actions
noman@px-dev-docker:/pl/src/px.dev/pixie$ cat   /home/noman/.cache/bazel/_bazel_noman/4c31fb537ca0f31ab15bbd6a8445d3b6/execroot/px/bazel-out/k8-fastbuild/testlogs/src/stirling/source_connectors/socket_tracer/protocols/dns/stitcher_test/test.log
exec ${PAGER:-/usr/bin/less} "$0" || exit 1
Executing tests from //src/stirling/source_connectors/socket_tracer/protocols/dns:stitcher_test
I20221010 11:30:13.268741  5618 env.cc:47] Started: /home/noman/.cache/bazel/_bazel_noman/4c31fb537ca0f31ab15bbd6a8445d3b6/sandbox/processwrapper-sandbox/21/execroot/px/bazel-out/k8-fastbuild/bin/src/stirling/source_connectors/socket_tracer/protocols/dns/stitcher_test.runfiles/px/src/stirling/source_connectors/socket_tracer/protocols/dns/stitcher_test
[==========] Running 2 tests from 1 test suite.
[----------] Global test environment set-up.
[----------] 2 tests from DnsStitcherTest
[ RUN      ] DnsStitcherTest.RecordOutput
[       OK ] DnsStitcherTest.RecordOutput (0 ms)
[ RUN      ] DnsStitcherTest.OutOfOrderMatching
[       OK ] DnsStitcherTest.OutOfOrderMatching (0 ms)
[----------] 2 tests from DnsStitcherTest (0 ms total)

[----------] Global test environment tear-down
[==========] 2 tests from 1 test suite ran. (0 ms total)
[  PASSED  ] 2 tests.
I20221010 11:30:13.269136  5618 env.cc:51] Shutting down

[pixie-io-buildbot]

Can one of the admins verify this patch?

[zasgar]

ok to test

[noman-xg]

Hey folks, how can i see the jenkins build log. The details hyperlink takes me to google sigin to continue to Pixie labs which says "Access blocked: Pixie Labs can only be used within its organization"
@htroisi

[htroisi]

We're working on improving our process so that the build logs are public. But for now, I DM'd you the logs.

[noman-xg]

BLOCKED

Hey folks, Jenkins build is failing with this error. Any pointer on this one ?

Apply this patch to src/stirling/source_connectors/socket_tracer/protocols/dns/stitcher.cc? [Y/n] EXCEPTION: (PhutilConsoleStdinNotInteractiveException) The program is attempting to read user input, but stdin is being piped from some other source (not a TTY). at [<arcanist>/src/console/format.php:196] arcanist(head=stable, ref.master=85c953ebe4a6, ref.stable=b6babd9a07f4), arcanist-addons() #0 phutil_console_require_tty() called at [<arcanist>/src/console/format.php:47] #1 phutil_console_prompt(string) called at [<arcanist>/src/console/format.php:15] #2 phutil_console_confirm(string, boolean) called at [<arcanist>/src/lint/renderer/ArcanistConsoleLintRenderer.php:47] #3 ArcanistConsoleLintRenderer::promptForPatch(ArcanistLintResult, string, TempFile) called at [<arcanist>/src/workflow/ArcanistLintWorkflow.php:312] #4 ArcanistLintWorkflow::run() called at [<arcanist>/scripts/arcanist.php:427] <<< [1] (+124,647) <exec> 124,647,614 us script returned exit code 255Unhandled hudson.AbortException: script returned exit code 255, assuming fatal error.

[oazizi000]

@Noman-Ali-Bajwa I think this is because the Jenkins build expects the diff to be pre-linted. We should figure out how to get the linters to run on your local environment.

[ghost]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: noman-xg
Once this PR has been reviewed and has the lgtm label, please assign zasgar for approval by writing /assign @zasgar in a comment. For more information see:The Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[ghost]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: noman-xg
Once this PR has been reviewed and has the lgtm label, please assign zasgar for approval by writing /assign @zasgar in a comment. For more information see:The Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[oazizi000]

Hi @Noman-Ali-Bajwa,

Thanks so much for this preview PR! So glad to have your contribution.

This is a great start. Leaving a few comments for discussion below.

[oazizi000]

The high degree of similarity of this function with PxStitchFrames suggests we should merge them and pass in an boolean argument that selects the behavior. Otherwise there's too much duplication, which could be a problem if there's some bug fix we need to make in the future.

Also, I know you asked about this on Slack. Thanks for putting this preview out so I could get a better grasp on how much duplication there actually ends up being :)

[noman-xg]

I'll merge the two and push the changes soon.

[noman-xg]

fixed in a3e9243

[oazizi000]

This is the new part. A couple cases that we'll probably have to handle:

1. What if a request can't be matched with a response because the response is still in flight? The parser could run at any time, so we we have to be ready to handle that case. We might need to build in some assumptions about how delayed a response can be.

2. What's the rationale on default_resp_frame.timestamp_ns = 99;? We'll have to be careful with that because it could affect latency calculations.

[noman-xg]

1. What should we consider as a timeout for the dns request. I think we can handle that using timestamp_ns.

2. I have a workaround in mind to remove this. Will change in next commit.

[oazizi000]

For (1), there's no set number, but nslookup uses a default of 2 seconds if I'm not mistaken. So that could be a starting point. Whatever we choose, it should definitely be a FLAG so we can change it later if required.

[noman-xg]

timeout added in a3e9243

[oazizi000]

Thanks @Noman-Ali-Bajwa for making the updates. Here are a few more on the latest version.

[oazizi000]

style: if (!it->consumed)

[oazizi000]

Getting the clock can become expensive when inside a loop. Can you get the current_time a single time outside the loop and use the fixed value inside the loop. While not strictly as accurate, it should be more than sufficient for this use case.

[oazizi000]

style: it->timestsamp_ns

[oazizi000]

Still thinking about this one. At minimum, we could use the time of the timeout as the "response" time.

[noman-xg]

I'll get it out of the way today.

[oazizi000]

Looking good. One additional small comment. Thanks @Noman-Ali-Bajwa!

[oazizi000]

Can you add, in the description, that this flag depends on include_respless_dns_requests?

[noman-xg]

fixed in ef1516a

[oazizi000]

Also, feel free to take off the [PREVIEW] prefix on the PR :)